Monday, July 29, 2013

Monday the 29th, Senbu

+ phpMyAdmin 3.5.8.2 and 4.0.4.2 are released
http://sourceforge.net/p/phpmyadmin/news/2013/07/phpmyadmin-3582-and-4042-are-released/

+ PMASA-2013-15 SQL injection vulnerabilities, producing a privilege escalation (control user)
http://www.phpmyadmin.net/home_page/security/PMASA-2013-15.php

+ PMASA-2013-14 Self-XSS due to unescaped HTML output in schema export.
http://www.phpmyadmin.net/home_page/security/PMASA-2013-14.php

+ PMASA-2013-13 XSS vulnerability when a text to link transformation is used.
http://www.phpmyadmin.net/home_page/security/PMASA-2013-13.php

+ PMASA-2013-12 Full path disclosure vulnerabilities.
http://www.phpmyadmin.net/home_page/security/PMASA-2013-12.php

+ PMASA-2013-11 If a crafted version.json would be presented, an XSS could be introduced.
http://www.phpmyadmin.net/home_page/security/PMASA-2013-11.php

+ PMASA-2013-9 5 XSS vulnerabilities in setup, chart display, process list, and logo link.
http://www.phpmyadmin.net/home_page/security/PMASA-2013-9.php

+ PMASA-2013-8 XSS due to unescaped HTML Output when executing a SQL query.
http://www.phpmyadmin.net/home_page/security/PMASA-2013-8.php

+ CVE-2013-4854: A specially crafted query can cause BIND to terminate abnormally
https://kb.isc.org/article/AA-01015
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4854

+ BIND 9.9.3-S1-P1, 9.9.3-P2, 9.8.5-P2 released
http://www.isc.org/downloads

+ HS13-017 Privilege escalation vulnerabilities in JP1/IT Desktop Management - Manager and Hitachi IT Operations Director
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-017/index.html

+ HS13-017 Privilege escalation vulnerability in JP1/IT Desktop Management - Manager and Hitachi IT Operations Director
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS13-017/index.html

+ IBM Tivoli Remote Control Input Validation Flaw Lets Remote Authenticated Users Inject SQL Commands
http://www.securitytracker.com/id/1028841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3033

+ FreeBSD nfsserver Privilege Validation Flaw Lets Remote Authenticated Users Bypass Security Controls
http://www.securitytracker.com/id/1028840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4851

+ ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
http://www.securitytracker.com/id/1028838
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4854

+ REMOTE: Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
http://www.exploit-db.com/exploits/27135

+ SA54148 Linux Kernel "UDP_CORK" Option Two Denial of Service Vulnerabilities
http://secunia.com/advisories/54148/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4162
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4163

+ Symantec Web Surveillance Multiple vulnerabilities
http://cxsecurity.com/issue/WLB-2013070207

+ Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
http://cxsecurity.com/issue/WLB-2013070206

+ OpenOffice CVE-2013-4156 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/61468

+ OpenOffice CVE-2013-2189 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/61465

JVNDB-2012-002110 Cross-site scripting vulnerability in WordPress
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002110.html

Part 1: Malicious apps run rampant, Android's structural risks
http://itpro.nikkeibp.co.jp/article/COLUMN/20130725/494090/?ST=security

Further unauthorized access to NTT Com newly discovered; login by OCN ID suspended
http://itpro.nikkeibp.co.jp/article/NEWS/20130726/494464/?ST=security

US Department of Justice indicts five people, including Russians, over security breaches at major companies
http://itpro.nikkeibp.co.jp/article/NEWS/20130726/494327/?ST=security

JVN#25280162 Cross-site scripting vulnerability in WordPress
http://jvn.jp/jp/JVN25280162/

VU#709806 TrustGo Antivirus & Mobile Security contains a denial-of-service vulnerability
http://www.kb.cert.org/vuls/id/709806

REMOTE: ASUS RT-AC66U acsd Param - Remote Root Shell Exploit
http://www.exploit-db.com/exploits/27133

DoS/PoC: Galil-RIO Modbus - Denial of Service
http://www.exploit-db.com/exploits/27131
